So I just started using Metasploit today, and set-up my laptop (Running Win 7) to test some exploits, for learning purposes of course. I went over and disabled all of the firewalls (Including Windows Firewall) and AV's I have on that computer. I then went over to my desktop (also running Win7) and started using Metasploit. But when I tried to run an exploit, it says "Exploit Exception: The connection was refused by the remote host (192.168.33.1:1755)". Thinking I missed an AV or firewall I went over and checked, but it appears that all are disabled... I'm perplexed to say the least. Here's exactly what I did in Metasploit:

Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook

Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

Goatboy wrote:Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook

Goatboy wrote:Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

I remember reading a HTS post by someone linking to a black hat live hacking of a windows 7 box, (or what nmap suggested the box was) blackhat2012 used the ms10_025_wmss_connect_funnel exploit to connect and shut-down the victims computer, so I think that might be the place where centip3de may have gotten the idea from. Personally i am perplexed why the youtube video maker decided to used this exploit as it only works on Windows 2000.

Goatboy wrote:That was a live hack, meaning there was an actual victim on the other computer. This person probably enabled WMS on his machine. I'm guessing centip3de did not.

Actually, we had the same process running... But I think my Cisco has "port protected up", so I'll have to change that.

Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook